Resilient Software Configuration and Infrastructure Code Analysis (Dagstuhl Seminar 23082)

Errors originating from infrastructure and their configurations are one of the major causes of system failures and system degradation, resulting in security vulnerabilities, application outages, and incorrect program executions. Investigating the root causes of such issues and remedies for them requires insight from different research perspectives, including systems, programming languages, software engineering, and verification. To facilitate progress in this field, this Dagstuhl Seminar brought together experts from academia and industry, enabling synergies between different software systems subareas. The seminar was a forum for cross-disciplinary discussions, bridged communities, and forged new conversations on new approaches. Emerging themes that were revealed during the seminar included a focus on Infrastructure as Code, the similarities and differences between configuration engineering and software engineering, the portability (or lack thereof) of program analysis techniques to configuration analysis, the design space of expressibility of configuration languages, and future challenges of analysis for safety, security, and auditing. The seminar led to new short-term and long-term collaborations and connections, including organizing additional workshops and a joint vision paper.